Create API keys
API Authentication Configuration
InTouch lets you enable or disable Basic Authentication and create API clients for OAuth-based authentications.
Enable or Disable Basic Authentication for an org
To enable or disable basic authentication for an org, follow these steps. By default, Basic Authentication is enabled for the org. As only Till ID and password are required for Basic Auth, you do not see additional configuration options. For details on how to create till credentials, see set up org hierarchy, and for basic authentication process see authentication.
- Log on to InTouch of your cluster.
- Navigate to the Profile icon > Organization Settings > Tools > Authentication.
- Click Modify to create a new client (token key and secret) for the org.
- To enable basic auth, set the Enable Basic Authentication to Yes.
Create API Clients
When you create client accounts, you will get the client key and client secret which can be used for OAuth. You can also generate access tokens with the generated client key and secret pair for more secured integrations.
- On the API Client page, click Register.
- In the Client name, enter a name for the client.
- In Description, enter a short description of the client.
- In Token expiry duration, set the default expiry (in minutes) for the tokens created for the client. To modify, drag the pointer to the required position on the line.
- In Access Permission, select the desired access that you want to provide for the current client - Target Groups: Related to target loyalty APIs; Transaction: Related to transaction API; All: For all other APIs.
- None: To restrict both read and write access to the respective APIs. This is the default value.
- View only: Select this to provide only read access to the respective APIs.
- Modify: Select this to provide both read and write access (add/update) to the respective APIs.
- In Select your organization till, choose the Till that you want to associate to all the POST API calls.
- Click Next. You will see the Client key and Client secret generated for the client.
- Copy the Client key and client secret and use them for authentication (OAuth). Using these details, you can also generate an access token through API as mentioned in the next section (Step 2: Generate Access Token).
- Click Done to close the screen.
- To create more API client accounts, use New API Client.
After the client key and secret are generated, if you exit the API Credentials page, you cannot access the client secret again for that client.
Updated about 1 year ago